[kernel] r19598 - dists/squeeze-security/linux-2.6/debian/patches/bugfix/all
Ben Hutchings
benh at alioth.debian.org
Sun Dec 9 22:54:54 UTC 2012
Author: benh
Date: Sun Dec 9 22:54:54 2012
New Revision: 19598
Log:
Fix memory leak in backported fix for CVE-2012-4398
Modified:
dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/kmod-make-__request_module-killable.patch
Modified: dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/kmod-make-__request_module-killable.patch
==============================================================================
--- dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/kmod-make-__request_module-killable.patch Sun Dec 9 22:00:02 2012 (r19597)
+++ dists/squeeze-security/linux-2.6/debian/patches/bugfix/all/kmod-make-__request_module-killable.patch Sun Dec 9 22:54:54 2012 (r19598)
@@ -26,19 +26,20 @@
Cc: David Rientjes <rientjes at google.com>
Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds at linux-foundation.org>
- [dannf: backported to Debian's 2.6.32]
+ [dannf, bwh: backported to Debian's 2.6.32]
diff --git a/kernel/kmod.c b/kernel/kmod.c
index 09e10c3..553ce09 100644
--- a/kernel/kmod.c
+++ b/kernel/kmod.c
-@@ -50,16 +50,45 @@ static struct workqueue_struct *khelper_wq;
+@@ -50,16 +50,48 @@ static struct workqueue_struct *khelper_wq;
*/
char modprobe_path[KMOD_PATH_LEN] = "/sbin/modprobe";
+static void free_modprobe_argv(char **argv, char **envp)
+{
-+ kfree(argv);
++ kfree(argv[3]); /* check call_modprobe() */
++ kfree(argv);
+}
+
static int call_modprobe(char *module_name, int wait)
@@ -67,12 +68,14 @@
+
+ info = call_usermodehelper_setup(argv[0], argv, envp, GFP_ATOMIC);
+ if (!info)
-+ goto free_argv;
++ goto free_module_name;
+
+ call_usermodehelper_setcleanup(info, free_modprobe_argv);
+
+ return call_usermodehelper_exec(info, wait | UMH_KILLABLE);
+
++free_module_name:
++ kfree(module_name);
+free_argv:
+ kfree(argv);
+out:
More information about the Kernel-svn-changes
mailing list